<?php

require_once '../include/common.inc.php';
require_once '../include/upfile.class.php';

// Access gate: a visitor for whom checkAdmin() is falsy is redirected to
// index.php, and exit stops the script so none of the actions below can run.
if (!checkAdmin()) {
    header("LOCATION:index.php");
    exit;
}

// Page-level values; presumably read by the menu and templates included at the
// end of this script.
$menu_index = 1;
$page_title = 'JANSEN';
$guide_message = 'Product | Inventory';
$out_ary = array();   // inventory rows for the list view are appended to this

// Presumably imports the request parameter 'action' into the global $action,
// which is tested right after this call without being assigned in this file.
// NOTE(review): confirm in common.inc.php which request sources (GET/POST) it
// reads and whether it escapes the value.
getMyParam('action');

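// Dispatch the requested admin action (add / edit / del), then redirect back to
// the list so a browser reload does not repeat the action.
//
// NOTE(review): $_POST['name'], $_POST['namezh'], $_POST['nameru'] and $type are
// concatenated straight into SQL below. Unless common.inc.php escapes request
// data globally (not visible from this file), these statements are injectable;
// move them to the DB layer's parameter binding or escaping routine.
//
// NOTE(review): no anti-CSRF token is checked in this file, and it is not
// visible here whether getMyParam() also accepts GET parameters. Confirm that
// add/edit/del require POST plus a per-session token.
//
// NOTE(review): the upload allow-list below is a list of MIME types. If the
// uploadFile class compares it with the client-supplied $_FILES[...]['type'],
// the check can be bypassed by the sender; confirm that the class validates the
// file content and takes the stored extension from an allow-list, because the
// target directory appears to live under the application root.
if ($action != "") {
    if ($action == 'add') {
        $file_name = '';
        if (isset($_FILES['up_pic']) && $_FILES['up_pic']['size'] > 0 && trim($_FILES['up_pic']['name']) != "") {
            $upfile = new uploadFile($_FILES['up_pic']);
            $upfile->setFileName('J_A_INVENTORY_' . $timestamp);
            $upfile->setFileType(array('image/pjpeg', 'image/gif', 'image/jpeg'));
            $upfile->setAcceptOverwrite(0);
            // Same store directory as the edit branch. The original add branch
            // prefixed an extra '/', although JANSEN_ROOT is concatenated without
            // one everywhere else in this file.
            $upfile->setStoreDir(JANSEN_ROOT.'zh/attachments/');
            $upfile->setMaxSize(1024*1024*2);

            if (!$upfile->save()) {
                // NOTE(review): error_msg is written into an inline script string
                // without escaping. If the upload class ever puts client-supplied
                // text (file name, MIME type) into it, this becomes script
                // injection; escape it for a JS-string context in the page charset.
                echo "<script>alert('" . $upfile->error_msg . "');history.back(-1);</script>";
                exit;
            }
            $file_name = $upfile->fileName;
        }

        if (!empty($_POST['name'])) {
            getMyParam('type');
            // seq must be a positive number; anything else (or a missing field) becomes 0.
            $seq = isset($_POST['seq']) && is_numeric($_POST['seq']) && $_POST['seq'] > 0 ? $_POST['seq'] : 0;
            // `pic` is now recorded on insert. Previously the uploaded file was
            // saved to disk but never referenced by the row, so it was orphaned
            // and could not be removed later through delPicture().
            $sql = "INSERT INTO `inventory` (`name`,`namezh`,`nameru`, `seq`, `type`, `pic`) VALUES ('" . $_POST['name'] . "', '".$_POST['namezh']."', '".$_POST['nameru']."', '$seq', '$type', '$file_name')";
            $db->query($sql);
        }
    }

    if ($action == 'edit') {
        getMyParam('iid');
        // is_numeric() keeps quotes out of $iid, so the id comparisons below
        // cannot be broken out of.
        if (is_numeric($iid) && $iid > 0 && !empty($_POST['name'])) {
            getMyParam('type');
            $seq = isset($_POST['seq']) && is_numeric($_POST['seq']) && $_POST['seq'] > 0 ? $_POST['seq'] : 0;

            // Picture upload (the original comment here was mis-encoded).
            $file_name = '';
            if (isset($_FILES['up_pic']) && $_FILES['up_pic']['size'] > 0 && trim($_FILES['up_pic']['name']) != "") {
                $upfile = new uploadFile($_FILES['up_pic']);
                $upfile->setFileName('J_A_INVENTORY_' . $timestamp);
                $upfile->setFileType(array('image/pjpeg', 'image/gif', 'image/jpeg'));
                // 0: presumably "do not overwrite an existing file of the same
                // name" (the original comment was mis-encoded) - confirm in upfile.class.php.
                $upfile->setAcceptOverwrite(0);
                $upfile->setStoreDir(JANSEN_ROOT.'zh/attachments/');
                $upfile->setMaxSize(1024*1024*2);

                if (!$upfile->save()) {
                    // NOTE(review): same unescaped inline-script output as in the add branch.
                    echo "<script>alert('" . $upfile->error_msg . "');history.back(-1);</script>";
                    exit;
                }

                // The new file is stored; remove the picture the row pointed to before.
                $sql = "SELECT `pic` FROM `inventory` WHERE `id` = '" . $iid . "'";
                $rs = $db->get_one($sql);
                delPicture($rs['pic']);

                $file_name = $upfile->fileName;
                $change_col = ", `pic` = '$file_name'";
            } else {
                // No new upload: leave the stored picture reference untouched.
                $change_col = "";
            }

            $sql = "UPDATE `inventory` SET `name` = '" . $_POST['name'] . "',`namezh`='".$_POST['namezh']."', `nameru`='".$_POST['nameru']."', `seq` = '$seq', `type` = '$type' " . $change_col . " WHERE `id` = '$iid'";
            $db->query($sql);
        }

        goFromPage();
    }

    if ($action == 'del') {
        getMyParam('iid');
        if (is_numeric($iid) && $iid > 0) {
            // Delete the picture file first, then the row that references it.
            $sql = "SELECT `pic` FROM `inventory` WHERE `id` = '" . $iid . "'";
            $rs = $db->get_one($sql);
            delPicture($rs['pic']);

            $sql = "DELETE FROM `inventory` WHERE `id` = '" . $iid . "'";
            $db->query($sql);
        }

        goFromPage();
    }

    header("LOCATION:p_inventory.php");
    // Stop here: without this the script went on to query and render the whole
    // list page into the body of the redirect response.
    exit;
}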


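// *** page code start ***
// Pagination for the inventory list: $ppp rows per page, with the page number
// taken from the request via getMyParam('page').
$page_url = 'p_inventory.php?';

// Total row count, used both for the page links and for the bounds check below.
$sql = "SELECT `id` FROM `inventory`";
$query = $db->query($sql);
$sql_all_num = $db->num_rows($query);

$ppp = 10;
getMyParam('page');
$page = empty($page) || !ispage($page) ? 1 : $page;
// Force an integer so that only a number can ever reach the LIMIT clause
// below, whatever ispage() happens to accept.
$start_limit = (int) (($page - 1) * $ppp);
// Fall back to the first page when the offset is negative or at/after the end
// of the table. The original test used '>' and therefore showed an empty page
// when the offset was exactly equal to the row count.
if ($start_limit < 0 || $start_limit >= $sql_all_num) {
    $start_limit = 0;
    $page = 1;
}

$page_show = getPageStr($sql_all_num, $page, $ppp, $page_url);

// *** page code end ***

// Fetch the rows of the current page, ordered by their display sequence.
// $start_limit is an integer and $ppp a constant, so no request text is
// interpolated into this statement.
$sql = "SELECT `id`, `name`,`namezh`,`nameru`, `seq`, `type` FROM `inventory` ORDER BY `seq` ASC LIMIT $start_limit, $ppp";
$query = $db->query($sql);
while ($rs = $db->fetch_array($query)) {
    $out_ary[] = $rs;
}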

// NOTE(review): $debug is set to 1 unconditionally before debuginfo() is
// called. What debuginfo() emits is not visible in this file; confirm that it
// is not left enabled in production, since debug output commonly exposes
// queries and filesystem paths.
$debug = 1;
debuginfo();

// Render the page: the admin menu first, then the header, inventory and footer
// templates whose paths are resolved by PrintEot().
include_once(JANSEN_ROOT . 'admin/menu_list.php');
require_once PrintEot('a_header');
require_once PrintEot('a_p_inventory');
require_once PrintEot('a_footer');

?>